Ubuntu 11.04 To install the required card reader software:



Similar documents
OUTLOOK WEB ACCESS (OWA) AND SSL VPN HOME USERS MANUAL

Outlook Web Access 2003 Remote User Guide

Massey University Wireless Network Client Configuration Mac OS X

OUTLOOK WEB ACCESS (OWA) AND SSL VPN HOME USERS MANUAL

Learning Management System (LMS) Quick Tips. Contents LMS REFERENCE GUIDE

account multiple solutions

How To Run A Password Manager On A 32 Bit Computer (For 64 Bit) On A 64 Bit Computer With A Password Logger (For 32 Bit) (For Linux) ( For 64 Bit (Foramd64) (Amd64 (For Pc

Security Cooperation Information Portal

An Introduction to Box.com

Frequently Asked Questions for logging in to Online Banking

Installing Citrix for Mac

Charms Recording Studio USER GUIDE For PC/Mac As a Parent/Student/Member

Activation Key usage and Windows 7 Professional installation guide

Autodesk Installation

Banner Frequently Asked Questions (FAQs)

Passport Installation. Windows XP + Internet Explorer 8

RAPIDS Self Service User Guide

AKO Shutdown Quick Reference Guide

DOCUMENT MANAGEMENT SYSTEM

Bulk Downloader. Call Recording: Bulk Downloader

2010 Outlook Web App Client Overview

Digital Signature Certificate Online Enrollment Guide using etoken

Greetings Keyboard Mastery Keyboarding Students! Teacher: Mrs. Wright

PC Requirements and Technical Help. Q1. How do I clear the browser s cache?

Ulteo Open Virtual Desktop Installation

Presented by: Michael J. Danberry. Last Revision / review: 07 October ActivClient download locations:

Sendspace Wizard Desktop Tool Step-By-Step Guide

Course Inventory Management System: Beginners Guide

WinSCP: Secure File Transfer Using WinSCP for Secure File Transfer on Windows

atbusiness Deposit Installation Guide Table of Contents

CONNECTING TO THE DTS WIRELESS NETWORK USING WINDOWS VISTA

Trusted Relationships. Sending Invitations. Sending Invitations from Outlook

Installing a Browser Security Certificate for PowerChute Business Edition Agent

SMS for Outlook. Installation, Configuration and Usage Guide

Client Certificate Update Guide for CPDMS.NET (Internet Explorer)

Dartmouth College Technical Support Document for Kronos PC version

Procedure for How to Enroll for Digital Signature

BaseManager & BACnet Manager VM Server Configuration Guide

Employee Express - PIV Card Registration Instructions

Pearson Onscreen Platform (POP) Using POP Offline testing system guide

Instructions to Sign On and Off of Self Service Applications. Internet Explorer 9 (IE9) Users: Turn Off Compatibility View:

Shakambaree Technologies Pvt. Ltd.

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Citrix Web Client Installation and CAC Registration Guide

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

Instructions for Configuring Your Browser Settings and Online Security FAQ s. ios8 Settings for iphone and ipad app

AzMERIT Secure Browser Installation Manual For Technology Coordinators

New Online Banking Guide for FIRST time Login

mypro Installation and Handling Manual Version: 7

ECA IIS Instructions. January 2005

I N R O A D S, I N C. T R A I N I N G A N D D E V E L O P M E N T

MyNet FAQ s GETTING STARTED: Q: What is the MyNet website address? A:

Passport installation Windows 8 + Firefox

DAY OF TESTING GUIDE. Contact Information. Websites. Please do not bookmark the Proctor Interface or the Student Interface.

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

Smart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER

You can find the installer for the +Cloud Application on your SanDisk flash drive.

Aesop QuickStart Guide for Substitutes

Accessing the Online Meeting Room (Blackboard Collaborate)

Archived Referrals. Accessing Referrals in the Archive Viewer

How to setup EW-7438RPn with a Windows computer to extend an existing Wi-Fi network

Using and the Internet

CPE111 COMPUTER EXPLORATION

PC Troubleshooting Steps

Online Scheduling Instructions

db-direct internet EU

INFORMATION TECHNOLOGY CERES DEPARTMENT

MetroHealth Information Services

E M A I L S E T - U P G U I D E

SENDING AND RECEIVING PROTECTED INFORMATION VIA ELECTRONIC MAIL. Naval Medical Center Portsmouth IMD Training Division

Yale Software Library

isupplygw Site Login Troubleshooting

CSA Software Listing Table of Contents. Both Windows and Mac platforms are supported.

How To Insert Hyperlinks In Powerpoint Powerpoint

E-CERT C ONTROL M ANAGER

Digital Signature Certificate Online Enrollment Guide using etoken Pro 72K (Java)

Accessing Citrix on a MAC using OS X (Mountain Lion and Newer)

Malwarebytes Anti-Malware 1.42

Using Internet or Windows Explorer to Upload Your Site

How to Install Applications (APK Files) on Your Android Phone

Massey University Follow Me Printer Setup for Linux systems

Document Services Online Customer Guide


Fiery E100 Color Server. Welcome

Integrating EJBCA and OpenSSO

Voice-Over PowerPoint (VOPP) and FTP Instructions for Online Courses (for Windows PC Computers) December 2009

8x8 Click2Pop User Guide

Faculty, Staff, and Student Instructions

VPN Web Portal Usage Guide

First Advisors Login Guide

Citrix for Mac Installation

PaymentNet Federal Card Solutions Cardholder FAQs

Use of Common Access Cards (CACs) from Home on Windows 7 without Middleware

Optimal Browser Settings for Internet Explorer Running on Microsoft Windows

Accessing The Doctors Clinic Physician Connect

Passport Installation. Windows 8 + Internet Explorer 10

ONLINE ACCOUNTABILITY FOR EVERY DEVICE. Quick Reference Guide V1.0

USER GUIDE WWPass Security for Windows Logon

Non-Java Kronos link:

Transcription:

My previous attempts to get the DoD CAC/PKI system to work on Fedora and Ubuntu have been extremely painful and only occasionally successful. However, the process with Ubuntu 11.04 was very straightforward. So simple even a pilot can do it although maybe I just got lucky this time. While there are a number of different ways to do it, this is the way that worked for me using both the SCR 331 and SCR3310 card readers. These instructions assume a very basic level of knowledge about Linux. To install the required card reader software: 1. To open the terminal (there are many ways to do this...this is one) - press the super and a keys at same time - the super key is the windows icon key located between the <ctrl> and <alt> keys. - type terminal (without the quotes) - click the terminal icon 2. At command prompt, type: sudo apt-get install coolkey pcscd pcsc-tools 3. Enter your password if required 4. When complete, plug in (or re-plug in) your card reader and insert CAC card. 4. Check to see if your card reader is recognized by typing pcsc_scan - you should see something similar to this: - to exit the pcsc_scan, hit <ctrl> - c (that is press the ctrl and c key together)

- if you get any kind of error message, you may need to update the drivers for your card reader. That is more complicated and you should use other resources to figure out how to do this (there is plenty of info online about this although it is not an easy process). For both of my readers, updating the driver was not necessary. You will then need to download the DoD CA Certificates for Firefox: There are many ways to do this too. This is not always the fastest but it should work for most people. You must use Firefox to access this website, Chrome will not work. 1. Go to: http://dodpki.c3pki.chamb.disa.mil/rootca.html 2. Click on all four Certificates, one at a time. - these are Download Class 3 Root CA Certificate, Download Root CA 2 Certificate, Download External Certification Authority (ECA) Root CA Certificate, Download External Certification Authority (ECA) Root CA 2 Certificate. 3. For each one, the process is the same. A notification box will appear. Check all three or the top two boxes. - that is check Trust this CA to identify web sites., Trust this CA to identify email users, and Trust this CA to identify software developers. - At different installs, I have selected all three and just the top two. They both work. But, I have heard it is better for security to do only the top two but am unsure why. 4. Click view to confirm the certificates then click enter NOTE - You may receive the error message (below) when you do this. THIS IS NOT A PROBLEM; the certificate has been installed anyway. No need to worry or do anything further.

- Again, you may receive the error message below when you do this. THIS IS NOT A PROBLEM; the certificate has been installed anyway. No need to worry or do anything further.

Adding your smartcard reader to Firefox: 1. Open Firefox 2. On the menu bar (at top of screen), go to Edit->Preferences 3. Click on Advanced tab 4. Click on Security Devices

5. Click Load 6. For Device name type in CAC Module (without the quotes) 7. For Module Filename, click Browse and go to and select /usr/lib/pkcs11/libcoolkeypk11.so - for me, this worked even though I use the 64-bit Ubuntu OS) - do not mistakenly select /home/<yourname>/usr/lib you won t find the file there

8. Select OK, OK, etc. until back to normal browser. 9. Restart computer and test by loading Firefox with card reader plugged in and your CAC card inserted. - For the SCR331 card reader, there should be a green light illuminated when the reader is plugged in. It flashes when the card is inserted AND Firefox is running. If Firefox is not running, the light may not illuminate or it may not flash (until Firefox is started). - For the SCR3310 card reader, the green light will turn on when Firefox is running AND your CAC card is inserted. It will never blink. 10. Log onto a CAC/PKI website to test - When prompted for your Master Password, this is your normal PIN that you use when logging on at work. - When logging onto PKI required sites, you will be prompted by a warning box that is titled User Identification Request. There will be a drop-down menu directly below the line Choose the certificate to present as identification. One option will say CAC ID Certificate and the other will say CAC Email Signature Certificate as well as your name and a bunch of other info. You must select the CAC Email Signature Certificate for OWA and the CAC ID Certificate for non-email sites (such as NKO). If you select the incorrect one and have the Remember this decision box checked, you may need to delete all your history/cookies/etc in order to get back the option to select certificates for future logins to that website. NOTES: - I have not tried to log onto DTS so I don t know if further adjustments may be necessary to do this. I also usually access US Navy sites so there may be issues with non-navy ones. - Some screenshots are not mine, they were taken from the following blog: http://zxq9.com/dodcac/u10.4-lts-32/ubuntu10.4-lts-32.html - To use DBSign, you may need to do further adjustments including some changes to Java. One good resource for how to do this is DBSign Java.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information